Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/r76aWhGukzGvDclnyYGACMcwDfo.roa
File: r76aWhGukzGvDclnyYGACMcwDfo.roa (raw, json)
Hash identifier: mLR5I0Nw4rJKn9y9GoEE249LM5ZRTm6cof7FDdTA1RM=
Subject key identifier: AF:BE:9A:5A:11:AE:93:31:AF:0D:C9:67:C9:81:80:08:C7:30:0D:FA
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 01856D8ADBCD3E800DE6F94A0488A43D744C
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/r76aWhGukzGvDclnyYGACMcwDfo.roa
Signing time: Sun 01 Jan 2023 13:34:54 +0000
ROA not before: Sun 01 Jan 2023 13:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 176.221.24.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:db:cd:3e:80:0d:e6:f9:4a:04:88:a4:3d:74:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 1 13:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afbe9a5a11ae9331af0dc967c9818008c7300dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:88:2d:08:5e:5c:d0:7f:06:36:c2:6b:1c:65:
89:5e:2b:28:73:e8:30:99:25:b9:97:7e:29:5f:fc:
8f:ec:5c:9f:cb:c3:23:ba:dc:fa:24:ee:f7:82:a2:
44:d8:e3:7f:5f:50:e5:bc:ca:59:64:a1:68:95:44:
38:5e:35:fd:dd:43:19:93:0d:ac:4c:8e:0f:ac:a9:
d3:8f:85:df:75:31:b5:c7:69:13:ce:4b:5c:33:0b:
9f:9b:c7:8d:90:cf:8d:95:35:b7:7f:21:00:6b:7f:
e3:87:dc:dc:f2:e4:de:8d:c9:d8:63:b0:91:1d:84:
36:0f:39:5f:e4:88:25:80:45:f6:c9:d8:7f:26:8d:
23:d7:87:56:76:68:b7:3f:b6:88:57:54:e1:04:72:
09:c4:95:12:28:79:67:8f:67:6a:d4:57:00:71:d1:
c2:d3:3e:f4:43:c6:d8:b0:10:e5:84:c4:4e:c2:50:
82:9b:93:a8:4b:36:36:fd:60:0a:8f:c6:76:59:3b:
91:db:ea:20:cd:98:67:5a:01:8c:7e:3e:eb:3b:ec:
9d:2f:91:c5:b0:52:f7:43:d3:21:d3:6f:bb:a0:14:
3e:1c:14:81:f3:e1:bd:59:79:07:11:64:93:80:cb:
30:b7:58:12:0e:0a:3c:90:89:0d:55:2c:5d:be:dd:
fc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BE:9A:5A:11:AE:93:31:AF:0D:C9:67:C9:81:80:08:C7:30:0D:FA
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/r76aWhGukzGvDclnyYGACMcwDfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.24.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:0a:72:eb:d6:36:c6:07:1b:31:eb:4c:1e:0f:1c:79:c3:11:
e3:7f:b2:ad:94:9e:2b:77:be:18:09:00:43:0b:0b:64:56:79:
06:20:e7:bc:27:84:73:e0:48:e4:60:6d:ec:58:fd:19:9c:3d:
7a:c0:0d:07:37:df:82:1c:0b:95:84:4e:e2:ee:63:c8:41:08:
9b:00:3c:aa:b7:29:48:07:f0:65:71:10:0a:78:21:d3:07:24:
83:8b:52:7a:b9:67:e0:66:fb:16:0e:d6:73:5d:d5:9f:3e:f4:
9f:07:36:22:11:26:4f:0d:43:57:0d:93:5b:ce:19:eb:eb:04:
55:f5:33:06:d8:29:28:b3:b2:4c:7b:20:7c:0b:3f:18:5e:37:
45:cd:7c:42:e3:3b:58:68:30:9f:43:f5:51:06:d5:a0:20:5c:
31:a8:4f:a0:2d:c5:4b:2c:0b:f7:f8:b1:06:2a:98:36:cd:35:
3c:f9:cf:9c:6f:fc:e1:12:53:fa:27:52:a6:d5:55:82:f0:d0:
59:30:6f:a5:d3:2b:bf:01:1a:63:69:a4:35:57:09:c9:12:54:
cb:94:22:5c:86:a0:3b:b7:cc:71:59:db:a2:7f:4a:4a:c0:b9:
57:ab:ee:a0:f4:6f:c6:04:9a:f9:ce:81:9b:b6:5f:89:a9:59:
09:42:99:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtitvNPoAN5vlKBIikPXRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwMTAxMTMzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmJlOWE1YTExYWU5MzMxYWYwZGM5NjdjOTgxODAwOGM3MzAwZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYgtCF5c0H8GNsJrHGWJXisoc+gw
mSW5l34pX/yP7Fyfy8Mjutz6JO73gqJE2ON/X1DlvMpZZKFolUQ4XjX93UMZkw2s
TI4PrKnTj4XfdTG1x2kTzktcMwufm8eNkM+NlTW3fyEAa3/jh9zc8uTejcnYY7CR
HYQ2Dzlf5IglgEX2ydh/Jo0j14dWdmi3P7aIV1ThBHIJxJUSKHlnj2dq1FcAcdHC
0z70Q8bYsBDlhMROwlCCm5OoSzY2/WAKj8Z2WTuR2+ogzZhnWgGMfj7rO+ydL5HF
sFL3Q9Mh02+7oBQ+HBSB8+G9WXkHEWSTgMswt1gSDgo8kIkNVSxdvt38cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK++mloRrpMxrw3JZ8mBgAjHMA36MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvcjc2YVdoR3Vrekd2RGNsbnlZR0FDTWN3RGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsN0YMA0G
CSqGSIb3DQEBCwUAA4IBAQA+CnLr1jbGBxsx60weDxx5wxHjf7KtlJ4rd74YCQBD
CwtkVnkGIOe8J4Rz4EjkYG3sWP0ZnD16wA0HN9+CHAuVhE7i7mPIQQibADyqtylI
B/BlcRAKeCHTBySDi1J6uWfgZvsWDtZzXdWfPvSfBzYiESZPDUNXDZNbzhnr6wRV
9TMG2Ckos7JMeyB8Cz8YXjdFzXxC4ztYaDCfQ/VRBtWgIFwxqE+gLcVLLAv3+LEG
Kpg2zTU8+c+cb/zhElP6J1Km1VWC8NBZMG+l0yu/ARpjaaQ1VwnJElTLlCJchqA7
t8xxWduif0pKwLlXq+6g9G/GBJr5zoGbtl+JqVkJQpkd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:53 2025 by rpki-client